IPWorks Encrypt 2020 Delphi Edition


Sign Method

Creates a hash signature using ECDSA or EdDSA.

procedure Sign();

Remarks

Sign will create a hash signature using ECDSA or EdDSA. The component will use the key specified by Key to hash the input data and sign the resulting hash.

Key must contain a private key created with a valid ECDSA or EdDSA algorithm. Algorithm is used to determine the eligibility of the key for this operation. Supported algorithms for signing are:

  • secp256r1
  • secp384r1
  • secp521r1
  • ed25519
  • ed448

See CreateKey for details about key creation and algorithms.

When this method is called, data will be read from InputFile or InputMessage.

The hash to be signed will be computed using the specified HashAlgorithm. The computed hash is stored in the HashValue property. The signed hash is stored in the HashSignature property.

To sign a hash without first computing it, set HashValue to a previously computed hash for the input data. Note: HashValue is not applicable when signing with a PureEdDSA algorithm such as "ed25519" or "ed448".

The Progress event will fire with updates for the hash computation progress only. The hash signature creation process is quick and does not require progress updates.

After calling Sign, the public key must be sent to the recipient along with HashSignature and the original input data so the other party may perform signature verification.

The following properties are applicable when calling this method:

The following properties are populated after calling this method:

EdDSA Notes

When the Algorithm is ed25519 or ed448 the following additional parameters are applicable:

EdDSA keys can be used with a PureEdDSA algorithm (ed25519/ed448) or with a HashEdDSA algorithm (ed25519ph/ed448ph). This is controlled by the HashEdDSA property. By default the component uses the PureEdDSA algorithm.

The PureEdDSA algorithm requires two passes over the input data but provides collision resilience. The collision resilience of PureEdDSA means that even if it is feasible to compute collisions for the hash function, the algorithm is still secure. When using PureEdDSA, HashValue is not applicable.

When using a HashEdDSA algorithm, the input is pre-hashed, which allows a single pass over the data during the signing operation. To enable HashEdDSA, set HashEdDSA to True.

To specify context data when using ed25519 or ed448 set EdDSAContext.
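
The difference between the variants can be seen outside the component. The following is an added example, not part of the IPWorks documentation and not using the IPWorks component: it uses Go's standard crypto/ed25519 package (Go 1.20 or later) to sign with PureEdDSA and with HashEdDSA plus a context, and shows that the variant and context are bound into the signature. The names sign, verify, demoPriv and demoPub, the fixed seed, and the context string "app-v1" are assumptions made for the illustration.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/ed25519"
	"crypto/sha512"
	"fmt"
	"io"
)

// Key pair derived from a constructed, fixed seed (sample only, never reuse).
var demoPriv = ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x42}, ed25519.SeedSize))
var demoPub = demoPriv.Public().(ed25519.PublicKey)

// sign uses HashEdDSA (ed25519ph) when prehashed is true: one streaming SHA-512
// pass, then a signature over the digest. Otherwise it uses PureEdDSA, which
// needs the whole message in memory for its two passes.
func sign(priv ed25519.PrivateKey, in io.Reader, prehashed bool, ctx string) ([]byte, error) {
	opts := &ed25519.Options{Context: ctx}
	if prehashed {
		h := sha512.New()
		if _, err := io.Copy(h, in); err != nil {
			return nil, fmt.Errorf("hashing input: %w", err)
		}
		opts.Hash = crypto.SHA512
		return priv.Sign(nil, h.Sum(nil), opts)
	}
	msg, err := io.ReadAll(in)
	if err != nil {
		return nil, fmt.Errorf("reading input: %w", err)
	}
	return priv.Sign(nil, msg, opts)
}

// verify must be given the same variant and context the signer used.
func verify(pub ed25519.PublicKey, msg, sig []byte, prehashed bool, ctx string) bool {
	opts := &ed25519.Options{Context: ctx}
	if prehashed {
		digest := sha512.Sum512(msg)
		msg, opts.Hash = digest[:], crypto.SHA512
	}
	return ed25519.VerifyWithOptions(pub, msg, sig, opts) == nil
}

func main() {
	msg := []byte("hello ecc")
	ph, err := sign(demoPriv, bytes.NewReader(msg), true, "app-v1")
	fmt.Println(err, verify(demoPub, msg, ph, true, "app-v1"), verify(demoPub, msg, ph, false, ""))
}
```

A verifier that selects the wrong variant or context sees the same failure as for a modified message, so both parties must agree on these settings in advance.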

Sign And Verify Example (ECDSA)


//Create an ECDSA key on Party 1
Ecc ecc1 = new Ecc();
ecc1.CreateKey("secp256r1");
string ecc1_priv = ecc1.Key.PrivateKey;
string ecc1_pub = ecc1.Key.PublicKey;

//Sign the data on Party 1
string originalData = "hello ecc";

ecc1.Reset();
ecc1.Key.PrivateKey = ecc1_priv;
ecc1.InputMessage = originalData;
ecc1.UseHex = true; //Hex encode the hash signature for ease of use.
ecc1.Sign();

string hashSignature = ecc1.HashSignature;

//Transmit the hash signature, public key, and original data to Party 2

//Verify the data on Party 2
Ecc ecc2 = new Ecc();
ecc2.SignerKey.PublicKey = ecc1_pub;
ecc2.InputMessage = originalData;
ecc2.HashSignature = hashSignature;
ecc2.UseHex = true; //Decode the hex encoded hash signature

bool isVerified = ecc2.VerifySignature();

Sign And Verify Example (EdDSA - PureEdDSA)


//Create an EdDSA key on Party 1
Ecc ecc1 = new Ecc();
ecc1.CreateKey("ed25519");
string ecc1_priv = ecc1.Key.PrivateKey;
string ecc1_pub = ecc1.Key.PublicKey;

//Sign the data on Party 1
string originalData = "hello ecc";

ecc1.Reset();
ecc1.Key.PrivateKey = ecc1_priv;
ecc1.InputMessage = originalData;
ecc1.UseHex = true; //Hex encode the hash signature for ease of use.
ecc1.Sign();

string hashSignature = ecc1.HashSignature;

//Transmit the hash signature, public key, and original data to Party 2

//Verify the data on Party 2
Ecc ecc2 = new Ecc();
ecc2.SignerKey.PublicKey = ecc1_pub;
ecc2.InputMessage = originalData;
ecc2.HashSignature = hashSignature;
ecc2.UseHex = true; //Decode the hex encoded hash signature

bool isVerified = ecc2.VerifySignature();

Sign And Verify Example (EdDSA - HashEdDSA)


//Create an EdDSA key on Party 1
Ecc ecc1 = new Ecc();
ecc1.CreateKey("ed25519");
string ecc1_priv = ecc1.Key.PrivateKey;
string ecc1_pub = ecc1.Key.PublicKey;

//Sign the data on Party 1
string originalData = "hello ecc";

ecc1.Reset();
ecc1.Key.PrivateKey = ecc1_priv;
ecc1.InputMessage = originalData;
ecc1.UseHex = true; //Hex encode the hash signature for ease of use.
ecc1.HashEdDSA = true; //Use "ed25519ph"
ecc1.Sign();

string hashSignature = ecc1.HashSignature;

//Transmit the hash signature, public key, and original data to Party 2

//Verify the data on Party 2
Ecc ecc2 = new Ecc();
ecc2.SignerKey.PublicKey = ecc1_pub;
ecc2.InputMessage = originalData;
ecc2.HashSignature = hashSignature;
ecc2.HashEdDSA = true;
ecc2.UseHex = true; //Decode the hex encoded hash signature

bool isVerified = ecc2.VerifySignature();

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks Encrypt 2020 Delphi Edition - Version 20.0 [Build 8155]